image-maker

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow (step 2 "Research the situation") and the JSON schema's research_anchors/source_inputs fields — plus references like references/gpt-image-2-research.md which list external URLs — explicitly require fetching and using public web URLs and visual references as inputs that feed prompt creation and generation decisions, so untrusted third‑party content can materially influence the agent's prompts and actions.